Strategic Security Consultant, Mandiant, Google Cloud
Apply NowCompany: Google
Location: Toronto, ON M4E 3Y1
Description:
Minimum qualifications:
Preferred qualifications:
About the job
In this role, you will lead and support projects on behalf of clients that assess, test, or build their security programs. Project teams may range from 2 to 5 colleagues. Clients will range from start-up companies looking to supplement their security team to companies that need fresh ideas to enhance their perspective on the security program. You will provide guidance and advice to clients on best practices and managing the risks for their security program.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
- Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience.
- 4 years of experience assessing and developing cybersecurity solutions and programs across security domains.
- 4 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions.
- Ability to travel up to 30% as needed.
Preferred qualifications:
- Experience implementing industry-leading practices around cyber risks and cloud security for clients and cloud security frameworks using industry standards.
- Experience with software development life-cycles, including identifying vulnerabilities within code.
- Experience performing AI Security Assessments, including SAST and DAST testing methodology.
- Knowledge of tools used in security event analysis, incident response, computer forensics, network and endpoint architecture, or other security operational areas.
- Understanding of cyber defense operations to include the incident response, containment, and remediation process, cyber threat intelligence, or security architecture.
About the job
In this role, you will lead and support projects on behalf of clients that assess, test, or build their security programs. Project teams may range from 2 to 5 colleagues. Clients will range from start-up companies looking to supplement their security team to companies that need fresh ideas to enhance their perspective on the security program. You will provide guidance and advice to clients on best practices and managing the risks for their security program.
Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.
Responsibilities
- Develop roadmaps and recommendations to drive client enhancements of the cloud security architecture, governance, and standards.
- Identify, incorporate, and articulate cloud security best practices such as DevSecOps strategy, Zero Trust design, and cloud incident response.
- Perform security configuration assessments of a client's cloud platforms and reviews for common cloud-based SaaS platforms.
- Interface with clients to address concerns, issues, or escalations, track and drive to closure any issues that impact the service and its value to clients. Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex technical subjects.
- Provide guidance on building or maturing cyber security programs and the implementation of tools and technologies used for enterprise security.